On Fri, Aug 14, 2015 at 12:00 PM, Martin Pieuchot <[email protected]> wrote: > On 13/08/15(Thu) 20:35, Alexey Suslikov wrote: >> On Tue, Aug 11, 2015 at 11:20 PM, Brandon Mercer >> <[email protected]> wrote: >> >> Another thing that bothers me. These keys are USB HIDs, right? Is it safe >> >> enough to let browser access USB bus (USB keyboard is HID and people >> >> can type different things on it). > > What do you mean? You're already typing in your browser, right? AFAIK > these devices act like standard keyboards. > > "Is is safe enough" depends on a lot of factors. And I don't know if nor > why the browser needs to access your USB bus. > >> > Well, that part of it is a completely different animal. It's probably worth >> > a separate discussion about how the protocol works. You are suggesting that >> > this couldn't even be made to work in a secure fashion, and I'm not going >> > to >> > disagree with you. >> >> Not exactly what I suggested. >> >> My idea was a sort of USB proxy (emulator) to allow software like Chrome >> to access USB bus in secure way (like if you can configure what do you want >> to expose and what you don't). >> >> Smth like vscsi midlayer accessible from user-land which user in control of. >> >> Chrome uses only sort of vusb hub/bus with only permitted devices behind. >> >> Also useful for usb camera/sound access control. > > Why not put the same amount of effort in the existing userland interface > of the USB stack? In the end what's complicated is the answer to "which > user can to what". > > Honestly I doubt that another layer of abstraction will help, especially > if you considering the sate of our USB stack. > > I don't know if you looked at Chrome's sources but it uses the libusb > (don't ask me why) and that's already a "proxy" to use your words.
Thanks for answer, Martin. Absolutely agree with the statement above. I only discussed an idea of securing things. I have a question about USB. Is there any sort of multipath in USB standard, like in SCSI, so USB stack can see same device attached to different controllers/buses? Is it possible?
